|
266131
|
7.5 |
HIGH
Network
|
ikiwiki
|
ikiwiki
|
ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote a…
|
CWE-284
Improper Access Control
|
CVE-2016-10026
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266132
|
6.1 |
MEDIUM
Network
|
sivann
|
it_items_database
|
An issue was discovered in IT ITems DataBase (ITDB) through 1.23. The vulnerability exists due to insufficient filtration of user-supplied data in the "value" HTTP POST parameter passed to the "itdb-…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10216
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266133
|
6.1 |
MEDIUM
Network
|
fastspot
|
bigtree-form-builder
|
An issue was discovered in Fastspot BigTree bigtree-form-builder before 1.2. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP POST parameters passed to a…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10215
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266134
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10199
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266135
|
5.5 |
MEDIUM
Local
|
gstreamer_project
|
gstreamer
|
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10198
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266136
|
9.8 |
CRITICAL
Network
|
ffmpeg
|
ffmpeg
|
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failur…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10192
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266137
|
9.8 |
CRITICAL
Network
|
ffmpeg
|
ffmpeg
|
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by levera…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10191
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266138
|
9.8 |
CRITICAL
Network
|
ffmpeg
|
ffmpeg
|
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a nega…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10190
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266139
|
5.9 |
MEDIUM
Network
|
a10networks
|
advanced_core_operating_system
|
A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by le…
|
CWE-200
Information Exposure
|
CVE-2016-10213
|
2024-11-21 11:43 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266140
|
5.9 |
MEDIUM
Network
|
radware
|
alteon
|
Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-02…
|
CWE-200
Information Exposure
|
CVE-2016-10212
|
2024-11-21 11:43 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
